mirror of
https://codeberg.org/openpgp/notes.git
synced 2024-11-04 16:15:59 +01:00
Differentiate inline-signed messages between one-pass-signed and prefix-signed messages
parent
6d63342455
commit
01e18a835b
2 changed files with 14 additions and 2 deletions
|
@ -313,7 +313,10 @@ Notation Tag
|
||||||
Part of a {term}`Notation` name.
|
Part of a {term}`Notation` name.
|
||||||
|
|
||||||
One-pass Signature Packet
|
One-pass Signature Packet
|
||||||
One or more {term}`packets<OpenPGP Signature Packet>` before the actual data in a {term}`Data Signature` which contain information to allow a receiving {term}`implementation<OpenPGP Implementation>` to create {term}`hashes<Hash Digest>` required for signature verification. See [RFC 5.4](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig) for more details.
|
One or more {term}`packets<Packet>` before the actual data in a {term}`Data Signature` which contain information to allow a receiving {term}`implementation<OpenPGP Implementation>` to create {term}`hashes<Hash Digest>` required for signature verification. See [RFC 5.4](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig) for more details.
|
||||||
|
|
||||||
|
One-pass-signed Message
|
||||||
|
A {term}`OpenPGP Message` signed using one or more {term}`One-pass signatures<One-pass Signature Packet>`.
|
||||||
|
|
||||||
OpenPGP Certificate
|
OpenPGP Certificate
|
||||||
An OpenPGP certificate contains public key material, identity claims and third party certifications (but no private key material)
|
An OpenPGP certificate contains public key material, identity claims and third party certifications (but no private key material)
|
||||||
|
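Review bot: The new One-pass-signed Message entry opens with "A {term}`OpenPGP Message`", which should be "An {term}`OpenPGP Message`", matching the wording of the Prefixed-Signed Message entry added later in this file. This hunk also changes the link target in the One-pass Signature Packet entry from `packets<OpenPGP Signature Packet>` to `packets<Packet>`, which the commit message does not mention; either note it there or move it to its own commit.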
@ -405,6 +408,8 @@ Preferred AEAD Ciphersuites Subpacket
|
||||||
|
|
||||||
See [RFC 5.2.3.15](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-preferred-aead-ciphersuites)
|
See [RFC 5.2.3.15](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#name-preferred-aead-ciphersuites)
|
||||||
|
|
||||||
|
Prefixed-Signed Message
|
||||||
|
An {term}`OpenPGP Message` with one or more prefixed {term}`signature packets<OpenPGP Signature Packet>`.
|
||||||
|
|
||||||
Primary Component Key
|
Primary Component Key
|
||||||
See {term}`OpenPGP Primary Key`.
|
See {term}`OpenPGP Primary Key`.
|
||||||
|
|
|
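Review bot: The glossary heading added here is spelled "Prefixed-Signed Message" with a capital S, while the references added in the other file use `<Prefixed-signed Message>` and the sibling entry is "One-pass-signed Message". Pick one casing, preferably "Prefixed-signed Message", so the entry and its cross-references match exactly. The commit message says "prefix-signed" where the term is "prefixed-signed"; settle on one form there as well.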
@ -54,7 +54,12 @@ This method is commonly used for signing or encrypting emails. Most email softwa
|
||||||
|
|
||||||
#### Structure
|
#### Structure
|
||||||
|
|
||||||
An {term}`inline-signed<Inline Signature>` {term}`OpenPGP message` consists of three segments:
|
There are two different constructions available to generate inline-signed messages:
|
||||||
|
|
||||||
|
* {term}`One-pass-signed messages<One-pass-signed Message>` are signed using one ore more {term}`one-pass signatures<One-pass Signature Packet>`
|
||||||
|
* {term}`Prefixed-signed messages<Prefixed-signed Message>` have the actual signature(s) prefixed to the {term}`OpenPGP message<OpenPGP Message>`.
|
||||||
|
|
||||||
|
A {term}`one-pass-signed<One-pass-signed Message>` {term}`OpenPGP message` consists of three segments:
|
||||||
|
|
||||||
1. [**One-pass signature packets**](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig): These one or more {term}`packets<Packet>` precede the signed data and enable {term}`signature<OpenPGP Signature Packet>` computation in one pass.
|
1. [**One-pass signature packets**](https://www.ietf.org/archive/id/draft-ietf-openpgp-crypto-refresh-12.html#one-pass-sig): These one or more {term}`packets<Packet>` precede the signed data and enable {term}`signature<OpenPGP Signature Packet>` computation in one pass.
|
||||||
|
|
||||||
|
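Review bot: Typo in the first added bullet: "one ore more" should be "one or more". That bullet also lacks the closing period that the second bullet has, and the two bullets link the message term differently (the second uses `OpenPGP message<OpenPGP Message>`, the following sentence uses a bare `OpenPGP message`); making these consistent would keep the list tidy.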
@ -62,6 +67,8 @@ An {term}`inline-signed<Inline Signature>` {term}`OpenPGP message` consists of t
|
||||||
|
|
||||||
3. **{term}`Data signature packets<OpenPGP Signature Packet>`**: These contain the {term}`cryptographic signature` corresponding to the original data.
|
3. **{term}`Data signature packets<OpenPGP Signature Packet>`**: These contain the {term}`cryptographic signature` corresponding to the original data.
|
||||||
|
|
||||||
|
Less commonly used are {term}`prefixed-signed messages<Prefixed-signed Message>`, where the {term}`signature packet(s)<signature packet>` are simply prepended to the message.
|
||||||
|
|
||||||
#### Creation
|
#### Creation
|
||||||
|
|
||||||
To produce an {term}`inline signature`, the {term}`signer` processes the entirety of the data by reading from an input file and writing into an output {term}`OpenPGP message` file. As the data is processed, the {term}`signer` simultaneously calculates a {term}`cryptographic signature`. This procedure results in the appending of a {term}`data signature packet` to the output {term}`OpenPGP message` file, where it can be efficiently stored.
|
To produce an {term}`inline signature`, the {term}`signer` processes the entirety of the data by reading from an input file and writing into an output {term}`OpenPGP message` file. As the data is processed, the {term}`signer` simultaneously calculates a {term}`cryptographic signature`. This procedure results in the appending of a {term}`data signature packet` to the output {term}`OpenPGP message` file, where it can be efficiently stored.
|
||||||
|
|
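Review bot: The added sentence links `signature packet(s)<signature packet>`, whereas every other reference in this change targets `OpenPGP Signature Packet`; use the same target here so the link resolves to the same glossary entry. With two constructions now described under Structure, the Creation paragraph that follows still describes only the flow in which a data signature packet is appended to the output, which is the one-pass case; consider saying so explicitly or adding a sentence on how a prefixed-signed message is produced.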